CN101931536B - Method for encrypting and authenticating efficient data without authentication center - Google Patents


Publication number: CN101931536B
Authority: CN (China)
Legal status: Expired - Fee Related (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN201010268540XA
Other languages: Chinese (zh)
Other versions: CN101931536A (en
Inventors: 肖攸安, 刘泉, 周祖德
Current Assignee: Wuhan University of Technology WUT (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: Wuhan University of Technology WUT

Abstract

The invention discloses an efficient data encryption and authentication method that requires no authentication center, comprising the following steps: (1) determining the system parameters; (2) registering the sending and receiving parties; (3) the sender applying data encryption and authentication protection to the plaintext message to be sent to the recipient; and (4) the recipient reading and verifying the received data message. In step (3), the sender computes a key parameter, computes the ciphertext of the plaintext message from the key parameter, computes a signature parameter, computes an electronic signature from the plaintext message, the signature parameter and other values, and combines the ciphertext, the signature parameter and the electronic signature into a data message that is then sent. With this method, data encryption and content-integrity authentication of the plaintext message are performed simultaneously and efficiently, and the problems that an authentication center causes in conventional methods are avoided.

Description

An efficient data encryption and authentication method that requires no authentication center
Technical field
The present invention relates to data protection technology in the fields of e-commerce, e-government, information security and network communication, and specifically to an efficient data encryption and authentication method that requires no authentication center.
Background
In every information-related field, such as e-commerce systems, e-government systems, information security systems and network communication systems, data encryption and electronic signatures are the two basic data protection technologies. Data encryption protects the confidentiality of data: it uses an encryption key and a data encryption algorithm to convert the data into meaningless ciphertext, so that unauthorized parties cannot access it. Electronic signatures authenticate and protect the integrity and origin of data. They fully simulate the function of a real-life handwritten signature and provide identity authentication, origin identification, non-repudiation and resistance to forgery, ensuring the authenticity, security, reliability and legality of electronic messages, and are therefore of great significance for the normal operation of information systems. In many countries, including China, electronic signatures are legally recognized.
In practice, the confidentiality and the integrity of data often need to be protected at the same time, that is, both data encryption and an electronic signature must be applied to a message. To meet this need, existing approaches simply combine data encryption and authentication, ordering the two operations, electronic signature and data encryption, in different ways. Two kinds of combination are in common use:
1) Encrypt-then-sign. The plaintext message is first encrypted, and the encrypted message is then signed. Methods of this kind suffer from security problems such as signature replacement and message extension, so an additional, complex real-time interactive authentication step is needed to establish trust between the two communicating parties before operation can continue. Running a real-time interactive protocol between the parties places a larger communication burden and data expansion on the system, and it also restricts the method to online operation; offline data protection cannot be performed, so the needs of practical applications cannot be met.
2) Sign-then-encrypt. The plaintext message is first signed, the plaintext together with its electronic signature is then encrypted, and finally the data encryption key is distributed using techniques such as key distribution. Methods of this kind largely solve the security problems of encrypt-then-sign and are therefore more widely used; the well-known encryption software PGP, for example, uses RSA electronic signatures and IDEA data encryption to implement sign-then-encrypt data protection and authentication. In practice, however, because these methods rely on electronic signatures, data encryption and key distribution, they depend strongly on a trusted third party acting as an authentication center. During verification of the electronic signature, data encryption and key distribution, the verifier has to complete the relevant authentication through real-time interaction with the authentication center. This brings a larger computation burden, communication burden and data expansion, and restricts the method to online operation; the system's workload increases, its efficiency drops, offline data protection cannot be performed, the needs of practical applications cannot be met, and the promotion and application of the technology is severely limited.
It is therefore necessary to provide an improved data encryption and authentication method that overcomes the defects of the prior art.
The terms used in this specification are explained as follows:
According to the definition in China's Electronic Signature Law, an electronic signature is data contained in or attached to an electronic message, in electronic form, that is used to identify the signer and to show that the signer approves the content. An electronic message is information generated, sent, received or stored by electronic, optical, electromagnetic or similar means.
An authentication center is a digital certificate service organization, established according to Article 17 of the Electronic Signature Law, that is a third party trusted by all parties and provides electronic authentication services; it can issue electronic signature certificates that meet the requirements of Article 21 of the Electronic Signature Law.
A key distribution center (KDC) is the organization that cooperates with a user to produce the user's public key and identity proof document.
Summary of the invention
The purpose of the invention is to provide an efficient data encryption and authentication method that requires no authentication center. Data encryption and authentication are achieved without depending on a trusted third party acting as an authentication center, and without the verifier completing authentication through real-time interaction with an authentication center. This reduces the computation burden, communication burden and data expansion, lightens the system's workload and improves its efficiency.
To achieve this purpose, the invention provides an efficient data encryption and authentication method that requires no authentication center, comprising the following steps:
(1) Determine the system parameters: select a large integer p; the elliptic curve $E(GF(p))\colon y^2 = x^3 + ax + b \pmod p$ is a secure elliptic curve defined over the finite field GF(p); randomly pick a base point G on E; let $n = \#E(GF(p))$ be the order of E and q a large prime factor of n; the private key of the KDC is $SK_{SA}$, a random positive integer less than q-1, and the public key of the KDC is then $PK_{SA} = SK_{SA} \times G$.
(2) Register the sending and receiving parties: each of the two parties runs the user registration protocol, interacting with the KDC, and obtains its own private key and public key.
(3) The sender applies data encryption and authentication protection to the plaintext message to be sent to the recipient, specifically:
(31) the sender randomly picks a positive integer k less than q-1 and computes a key parameter from the recipient's public key, the recipient's identity proof document and the public key of the KDC;
(32) using the computed key parameter, a hash digest algorithm and a data encryption algorithm, the sender computes the ciphertext of the plaintext message to be sent to the recipient, performing the encryption;
(33) the sender computes a signature parameter from the positive integer k and the base point G;
(34) the sender computes an electronic signature from the plaintext message, the signature parameter, the positive integer k and the large prime factor q, using the hash digest algorithm;
(35) the sender combines the ciphertext, the signature parameter and the electronic signature into a data message and sends the data message to the recipient.
In one embodiment of the invention, the method further comprises step (4), in which the recipient reads and verifies the received data message, specifically:
(41) the recipient computes the key parameter from its own private key and the signature parameter in the received data message;
(42) using the key parameter, the hash digest algorithm and a data decryption algorithm, the recipient decrypts the ciphertext in the received data message to obtain the plaintext message;
(43) the recipient checks whether the signature parameter and the electronic signature in the received data message are consistent with the plaintext message obtained by decrypting the data message; if they are consistent, the received data message is valid and is accepted; otherwise, the received data message is invalid and is rejected outright.
In another embodiment of the invention, the sender obtains its own private key and public key in step (2) as follows:
(21) the sender randomly picks a positive integer $k_a$ less than q-1, computes a registration parameter from $k_a$ and the base point G, and sends the registration parameter to the KDC;
(22) after receiving the registration parameter submitted by the sender, the KDC randomly picks a positive integer $k_0$ less than q-1 and computes the sender's public key from $k_0$, the registration parameter and the base point G;
(23) the KDC generates the sender's identity proof document from the sender's public key, the sender's personal identity information, the identity proof document serial number that the KDC assigns to the sender, and the KDC's own identification information;
(24) the KDC computes a verification parameter from its own private key, the large prime factor q, the positive integer $k_0$ and the sender's identity proof document, using the hash digest algorithm, combines the verification parameter and the sender's identity proof document into a key parameter, and sends the key parameter to the sender;
(25) after receiving the key parameter sent by the KDC, the sender checks whether the key parameter was sent by the KDC and was not tampered with in transit;
(26) when the check shows that the key parameter was sent by the KDC but was tampered with in transit, the sender asks the KDC to resend the key parameter;
(27) when the check shows that the key parameter was sent by the KDC and was not tampered with in transit, the sender computes its own private key from the received key parameter.
The recipient obtains its own private key and public key through the same steps as the sender.
Compared with the prior art, the method of the invention achieves data encryption and authentication without depending on a trusted third party acting as an authentication center and without the verifier completing authentication through real-time interaction with an authentication center. It is based on the difficulty of solving the elliptic curve discrete logarithm problem over a finite field and binds the sender's identity and the recipient's identity together, so no trusted third-party authentication center is needed. Step (3) alone accomplishes both data encryption and content-integrity authentication of the plaintext message. This avoids the computation burden, communication burden and data expansion that an authentication center brings to existing methods, as well as their restriction to online operation. The method lightens the system's workload, improves its efficiency, supports offline data protection and meets the needs of practical applications. It is simple to operate and runs efficiently, can resist the various known attack schemes, offers very high security, and guarantees the confidentiality, authenticity, security, reliability and legality of electronic messages. It can be widely used in hardware environments such as computers, communication networks, smart cards and mobile phones, and in fields such as e-commerce systems, e-government systems, information security systems and network communication systems, and has good application prospects.
The invention will become clearer from the following description taken together with the accompanying drawings, which illustrate embodiments of the invention.
Brief description of the drawings
Fig. 1 is a flowchart of the efficient data encryption and authentication method of the invention that requires no authentication center.
Fig. 2 is a flowchart of the data encryption and authentication protection operation in the self-adaptive data encryption and authentication method without an authentication center shown in Fig. 1.
Detailed description of the embodiments
Embodiments of the invention are now described with reference to the drawings, in which like reference numerals denote like elements.
The efficient data encryption and authentication method of this embodiment, which requires no authentication center, comprises the following steps:
Step S1, determine the system parameters: select a large integer p; the elliptic curve $E(GF(p))\colon y^2 = x^3 + ax + b \pmod p$ is a secure elliptic curve defined over the finite field GF(p); randomly pick a base point G on E; let $n = \#E(GF(p))$ be the order of E and q a large prime factor of n; the private key of the KDC SA is $SK_{SA}$, a random positive integer less than q-1, and the public key of the KDC SA is then $PK_{SA} = SK_{SA} \times G$.
Step S2, the two communicating parties, sender A and recipient B, each run the user registration protocol, interacting with the KDC SA, and obtain their own private key $SK_A$ and public key $PK_A$, and private key $SK_B$ and public key $PK_B$, respectively.
Step S3, sender A applies data encryption and authentication protection to the plaintext message m to be sent to recipient B, specifically:
Step S31, sender A randomly picks a positive integer k less than q-1 and computes the key parameter K from the public key $PK_B$ of recipient B, the identity proof document $ID_B$ of recipient B, and the public key $PK_{SA}$ of the KDC SA, where K is computed as: $K = k \times \mathrm{Hash}(ID_B) \times PK_{SA} + k \times PK_B$;
Step S32, using the computed key parameter K and the hash digest algorithm Hash() and data encryption algorithm Enc() agreed in advance by the system, sender A computes the ciphertext c of the plaintext message m to be sent to the recipient, performing the encryption, where c is computed as: $c = \mathrm{Enc}(\mathrm{Hash}(K), m)$;
Step S33, sender A computes the signature parameter R from the positive integer k and the base point G, where R is computed as: $R = k \times G$;
Step S34, sender A computes the electronic signature s from the plaintext message m, the signature parameter R, the positive integer k and the large prime factor q, using the hash digest algorithm Hash() agreed in advance by the system, where s is computed as: $s = (\mathrm{Hash}(m, R) \times R \times SK_A + k) \bmod q$;
Step S35, sender A combines the ciphertext c, the signature parameter R and the electronic signature s into the data message $M = (c, R, s)$ and sends $M = (c, R, s)$ to recipient B.
As the above technical scheme shows, the method of this embodiment achieves data encryption and authentication without depending on a trusted third party acting as an authentication center and without the verifier completing authentication through real-time interaction with an authentication center. It is based on the difficulty of solving the elliptic curve discrete logarithm problem over a finite field and binds the identity of sender A and the identity of recipient B together, so no trusted third-party authentication center is needed. Step S3 alone accomplishes both data encryption and content-integrity authentication of the plaintext message m. This avoids the computation burden, communication burden and data expansion that an authentication center brings to existing methods, as well as their restriction to online operation. The method lightens the system's workload, improves its efficiency, supports offline data protection and meets the needs of practical applications. It is simple to operate and runs efficiently, can resist the various known attack schemes, offers very high security, and guarantees the confidentiality, authenticity, security, reliability and legality of electronic messages. It can be widely used in hardware environments such as computers, communication networks, smart cards and mobile phones, and in fields such as e-commerce systems, e-government systems, information security systems and network communication systems, and has good application prospects.
The method further comprises:
Step S4, after receiving the data message $M = (c, R, s)$, recipient B reads and verifies it, specifically:
Step S41, recipient B computes the key parameter $K'$ from its own private key $SK_B$ and the signature parameter R in the received data message $M = (c, R, s)$, where $K'$ is computed as: $K' = SK_B \times R$;
Step S42, using the key parameter $K'$ and the hash digest algorithm Hash() and data decryption algorithm Dec() agreed in advance by the system, recipient B decrypts the ciphertext c in the received data message $M = (c, R, s)$ to obtain the plaintext message m, where m is recovered as: $m = \mathrm{Dec}(\mathrm{Hash}(K'), c)$;
Step S43, recipient B checks whether the signature parameter R and the electronic signature s in the data message $M = (c, R, s)$ are consistent with the plaintext message m obtained by decrypting $M = (c, R, s)$. The check is: $s \times G = \mathrm{Hash}(m, R) \times \mathrm{Hash}(ID_A) \times R \times PK_{SA} + \mathrm{Hash}(m, R) \times R \times PK_A + R$. If they are consistent (the equation holds), the received data message $M = (c, R, s)$ is valid and is accepted; if they are inconsistent (the equation does not hold), the received data message $M = (c, R, s)$ is invalid and is rejected outright.
As shown above, step S4 works together with step S3 to read and verify the data message; verification likewise needs neither a trusted third-party authentication center nor a real-time interactive authentication step.
In this embodiment, sender A obtains its own private key $SK_A$ and public key $PK_A$ in step S2 as follows:
Step S21, sender A randomly picks a positive integer $k_a$ less than q-1, computes the registration parameter $K_A$ from $k_a$ and the base point G, and sends $K_A$ to the KDC SA, where $K_A$ is computed as: $K_A = k_a \times G$;
Step S22, after receiving the registration parameter $K_A$ submitted by sender A, the KDC SA randomly picks a positive integer $k_0$ less than q-1 and computes the public key $PK_A$ of sender A from $k_0$, the registration parameter $K_A$ and the base point G, where $PK_A$ is computed as: $PK_A = k_0 \times G + K_A$;
Step S23, the KDC SA generates the identity proof document $ID_A$ of sender A from the public key $PK_A$ of sender A, the personal identity information $id_A$ submitted by sender A, the identity proof document serial number $sn_A$ that the KDC SA assigns to sender A, and the KDC SA's own identification information $ID_{SA}$ (the information that identifies the KDC SA according to the X.509 standard, such as the name, number and validity period of the KDC SA), that is, $ID_A = (PK_A, id_A, sn_A, ID_{SA})$, generated by concatenating the public key $PK_A$, the personal identity information $id_A$, the identity proof document serial number $sn_A$ and the identification information $ID_{SA}$ as specified by the X.509 standard;
Step S24, the KDC SA computes the verification parameter $s_a$ from its own private key $SK_{SA}$, the large prime factor q, the positive integer $k_0$ and the identity proof document $ID_A$ of sender A, using the hash digest algorithm Hash() agreed in advance by the system, combines $s_a$ and $ID_A$ into the key parameter $(ID_A, s_a)$, and sends $(ID_A, s_a)$ to sender A, where $s_a$ is computed as: $s_a = (\mathrm{Hash}(ID_A) \times k + SK_{SA}) \bmod q$;
Step S25, after receiving the key parameter $(ID_A, s_a)$ sent by the KDC SA, sender A checks whether $(ID_A, s_a)$ was sent by the KDC SA and was not tampered with in transit (that is, verifies the authenticity and integrity of the key parameter $(ID_A, s_a)$). To do so, sender A separates its own public key $PK_A$ and the verification parameter $s_a$ out of $(ID_A, s_a)$ and, using the public key $PK_{SA}$ of the KDC SA, verifies whether the equation $s_a \times G = \mathrm{Hash}(ID_A) \times (PK_A - K_A) + PK_{SA}$ holds; "separating out" means splitting according to the concatenation used in step S23;
Step S26, when the check shows that the key parameter $(ID_A, s_a)$ was sent by the KDC SA but was tampered with in transit (the equation does not hold), sender A asks the KDC SA to resend the key parameter $(ID_A, s_a)$;
Step S27, when the check shows that the key parameter $(ID_A, s_a)$ was sent by the KDC SA and was not tampered with in transit (the equation holds), sender A computes its own private key $SK_A$ from the received key parameter $(ID_A, s_a)$, where $SK_A$ is computed as: $SK_A = s_a + \mathrm{Hash}(ID_A) \times k_a$.
Recipient B obtains its own private key $SK_B$ and public key $PK_B$ through the same steps by which sender A obtains its private key $SK_A$ and public key $PK_A$.
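The following Python sketch is an added example, not code from the patent: it runs registration (S21 to S27), protection (S31 to S35) and verification (S41 to S43) end to end using only the standard library. Assumptions: secp256k1 replaces the embodiment's curve, a SHA-256 keystream stands in for AES-256, the scalar form of R is its x-coordinate mod q, the k in S24 is read as k_0, and S31 and S43 use the grouping Hash(ID) × PK + PK_SA, which is the point equal to SK × G for a private key derived in S27 and therefore makes K equal K′ = SK_B × R; `s31_as_printed` evaluates K with the terms placed as step S31 prints them so the two can be compared.

```python
import hashlib
import secrets

# Assumption: secp256k1 stands in for the patent's E(GF(p)); cofactor 1, so q = n.
P = 2**256 - 2**32 - 977
A, B = 0, 7
Q = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(p1, p2):  # affine addition; None is the point at infinity
    if p1 is None: return p2
    if p2 is None: return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

def mul(k, pt):  # double-and-add; not constant time, illustration only
    acc, k = None, k % Q
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def rand_scalar():
    return 1 + secrets.randbelow(Q - 2)  # positive integer less than q-1

def H(*parts):
    """SHA-256 reduced mod q; the length-prefixed repr() encoding is a constructed choice."""
    h = hashlib.sha256()
    for part in parts:
        data = repr(part).encode()
        h.update(len(data).to_bytes(4, "big") + data)
    return int.from_bytes(h.digest(), "big") % Q

def stream(K, data):
    """Stand-in for Enc/Dec keyed by Hash(K): SHA-256 counter keystream XOR, not AES-256."""
    key = hashlib.sha256(repr(K).encode()).digest()
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(x ^ y for x, y in zip(data[i:i + 32], pad))
    return bytes(out)

def register(identity, serial, sk_sa, pk_sa):
    """Steps S21-S27 with the user and KDC roles run in one process."""
    k_a, k0 = rand_scalar(), rand_scalar()
    K_a = mul(k_a, G)                                   # S21: K_A = k_a * G
    pk = add(mul(k0, G), K_a)                           # S22: PK = k0 * G + K_A
    id_doc = (pk, identity, serial, "SA")               # S23: (PK, id, sn, ID_SA)
    h = H(id_doc)
    s_a = (h * k0 + sk_sa) % Q                          # S24, reading k as k0
    pk_minus_ka = add(pk, (K_a[0], -K_a[1] % P))
    if mul(s_a, G) != add(mul(h, pk_minus_ka), pk_sa):  # S25
        raise ValueError("key parameter failed verification")
    return (s_a + h * k_a) % Q, id_doc                  # S27

def implied_public(id_doc, pk_sa):
    """Hash(ID)*PK + PK_SA, which equals SK*G for keys produced by register()."""
    return add(mul(H(id_doc), id_doc[0]), pk_sa)

def signcrypt(m, sk_a, id_b, pk_sa):
    k = rand_scalar()
    K = mul(k, implied_public(id_b, pk_sa))             # S31, regrouped (assumption)
    R = mul(k, G)                                       # S33
    s = (H(m, R) * (R[0] % Q) * sk_a + k) % Q           # S34, R as scalar = x(R) mod q
    return stream(K, m), R, s                           # S32, S35

def unsigncrypt(msg, sk_b, id_a, pk_sa):
    c, R, s = msg
    if R is None or (R[1]**2 - R[0]**3 - A * R[0] - B) % P:
        raise ValueError("R is not a valid curve point")
    m = stream(mul(sk_b, R), c)                         # S41, S42
    rhs = add(mul(H(m, R) * (R[0] % Q), implied_public(id_a, pk_sa)), R)
    if mul(s, G) != rhs:                                # S43
        raise ValueError("signature check failed: reject message")
    return m

def s31_as_printed(k, id_b, pk_sa):
    """K = k*Hash(ID_B)*PK_SA + k*PK_B with the terms placed as step S31 prints them."""
    return add(mul(k * H(id_b), pk_sa), mul(k, id_b[0]))

def demo():
    sk_sa = rand_scalar()
    pk_sa = mul(sk_sa, G)                               # S1
    sk_a, id_a = register("alice", 1, sk_sa, pk_sa)
    sk_b, id_b = register("bob", 2, sk_sa, pk_sa)
    m = unsigncrypt(signcrypt(b"constructed sample", sk_a, id_b, pk_sa), sk_b, id_a, pk_sa)
    k = rand_scalar()
    k_prime = mul(sk_b, mul(k, G))                      # K' = SK_B * R
    agree = mul(k, implied_public(id_b, pk_sa)) == k_prime
    return m, agree, s31_as_printed(k, id_b, pk_sa) == k_prime
```

`demo()` returns the recovered plaintext, whether the regrouped K equals K′, and whether the as-printed K equals K′.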
Several parameters of this embodiment are given below as an example, to verify that the efficient data encryption and authentication method of this embodiment, which requires no authentication center, can realize data encryption and authentication.
In step S1, a 192-bit large prime p is selected at random; the elliptic curve $E(GF(p))\colon y^2 = x^3 + ax + b \pmod p$ is a secure elliptic curve defined over the finite field GF(p); the base point randomly picked on it is $G = (x, y)$; the order of the elliptic curve E is $n = \#E(GF(p))$, and q is a large prime factor of n, where:
p=6277101735386680763835789423207666416083908700390324961279
a=592616546630905635115220920655548752905575269097021663719
b=4804233895280899388319973107961190048453702796229268188014
n=165186887773333704311468142720121385129365739211127201127
q=165186887773333704311468142720121385129365739211127201127
x=767497456867608967492675205059054232203172713727662547906
y=773339505718536040565224929606618157393578012863049959916
In steps S2, S3 and S4, the system agrees to use the SHA-256 algorithm as the hash digest algorithm Hash(), and the AES-256 algorithm as the data encryption algorithm Enc() and the data decryption algorithm Dec().
The invention has been described above with reference to the preferred embodiment, but it is not limited to the embodiment disclosed above and is intended to cover the various modifications and equivalent combinations made in accordance with the essence of the invention.

Claims (2)

1. An efficient data encryption and authentication method that requires no authentication center, comprising the following steps:
(1) determining the system parameters: select a large integer p; the elliptic curve $E(GF(p))\colon y^2 = x^3 + ax + b \pmod p$ is a secure elliptic curve defined over the finite field GF(p); randomly pick a base point G on E; let $n = \#E(GF(p))$ be the order of E and q a large prime factor of n; the private key of the KDC is $SK_{SA}$, a random positive integer less than q-1, and the public key of the KDC is then $PK_{SA} = SK_{SA} \times G$;
(2) registering the sending and receiving parties: each of the two parties runs the user registration protocol, interacting with the KDC, and obtains its own private key and public key, specifically:
(21) the sender randomly picks a positive integer $k_a$ less than q-1, computes a registration parameter from $k_a$ and the base point G, and sends the registration parameter to the KDC;
(22) after receiving the registration parameter submitted by the sender, the KDC randomly picks a positive integer $k_0$ less than q-1 and computes the sender's public key from $k_0$, the registration parameter and the base point G;
(23) the KDC generates the sender's identity proof document from the sender's public key, the sender's personal identity information, the identity proof document serial number that the KDC assigns to the sender, and the KDC's own identification information;
(24) the KDC computes a verification parameter from its own private key, the large prime factor q, the positive integer $k_0$ and the sender's identity proof document, using the hash digest algorithm, combines the verification parameter and the sender's identity proof document into a key parameter, and sends the key parameter to the sender;
(25) after receiving the key parameter sent by the KDC, the sender checks whether the key parameter was sent by the KDC and was not tampered with in transit;
(26) when the check shows that the key parameter was sent by the KDC but was tampered with in transit, the sender asks the KDC to resend the key parameter;
(27) when the check shows that the key parameter was sent by the KDC and was not tampered with in transit, the sender computes its own private key from the received key parameter,
wherein the recipient obtains its own private key and public key through the same steps by which the sender obtains its private key and public key;
(3) the sender applies data encryption and authentication protection to the plaintext message to be sent to the recipient, specifically:
(31) the sender randomly picks a positive integer k less than q-1 and computes a key parameter from the recipient's public key, the recipient's identity proof document and the public key of the KDC;
(32) using the computed key parameter, a hash digest algorithm and a data encryption algorithm, the sender computes the ciphertext of the plaintext message to be sent to the recipient, performing the encryption;
(33) the sender computes a signature parameter from the positive integer k and the base point G;
(34) the sender computes an electronic signature from the plaintext message, the signature parameter, the positive integer k and the large prime factor q, using the hash digest algorithm;
(35) the sender combines the ciphertext, the signature parameter and the electronic signature into a data message and sends the data message to the recipient.
2. The efficient data encryption and authentication method that requires no authentication center according to claim 1, characterized in that it further comprises the step:
(4) the recipient reads and verifies the received data message, specifically:
(41) the recipient computes the key parameter from its own private key and the signature parameter in the received data message;
(42) using the key parameter, the hash digest algorithm and a data decryption algorithm, the recipient decrypts the ciphertext in the received data message to obtain the plaintext message;
(43) the recipient checks whether the signature parameter and the electronic signature in the received data message are consistent with the plaintext message obtained by decrypting the data message; if they are consistent, the received data message is valid and is accepted; otherwise, the received data message is invalid and is rejected outright.
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201010268540XA CN101931536B (en) 2010-08-31 2010-08-31 Method for encrypting and authenticating efficient data without authentication center

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201010268540XA CN101931536B (en) 2010-08-31 2010-08-31 Method for encrypting and authenticating efficient data without authentication center

Publications (2)

Publication Number Publication Date
CN101931536A CN101931536A (en) 2010-12-29
CN101931536B CN101931536B (en) 2012-05-30

Family

ID=43370472

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201010268540XA Expired - Fee Related CN101931536B (en) 2010-08-31 2010-08-31 Method for encrypting and authenticating efficient data without authentication center

Country Status (1)

Country Link
CN (1) CN101931536B (en)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103023862A (en) * 2011-09-21 2013-04-03 索尼公司 Method, server and system used for integrity protection and authentication
CN103927497B (en) 2014-04-25 2017-07-14 华为技术有限公司 NDM document protection methods and device
CN104717217B (en) * 2015-03-18 2018-04-06 电子科技大学 The provable security data property held verification method based on section entitlement in a kind of cloud storage
CN108667601B (en) * 2017-03-31 2020-12-01 华为技术有限公司 Method, device and equipment for transmitting data
CN107040550A (en) * 2017-06-09 2017-08-11 成都轻车快马网络科技有限公司 Data ciphering method during instant messaging
CN109495257B (en) * 2018-12-18 2021-08-06 国家电网有限公司 Data acquisition unit encryption method based on improved SM2 cryptographic algorithm
CN111600829A (en) * 2019-02-21 2020-08-28 杭州萤石软件有限公司 Secure communication method and system for Internet of things equipment
CN110881048B (en) * 2019-12-16 2021-11-09 苏宁云计算有限公司 Safety communication method and device based on identity authentication
CN113254985B (en) * 2021-07-15 2021-12-21 北京信安世纪科技股份有限公司 Data encryption method, data processing method, data decryption method and electronic equipment

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101267296A (en) * 2008-04-25 2008-09-17 武汉理工大学 An efficient authorization electronic signature method without authentication center

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CA2465321C (en) * 2001-11-06 2010-05-11 International Business Machines Corporation Method and system for the supply of data, transactions and electronic voting

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101267296A (en) * 2008-04-25 2008-09-17 武汉理工大学 An efficient authorization electronic signature method without authentication center

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Youan Xiao. New Self Certified Proxy Digital Signature Scheme based on Elliptic Curve Cryptosystem. The Third International Conference on Availability, Reliability and Security. 2008. *

Also Published As

Publication number Publication date
CN101931536A (en) 2010-12-29

Similar Documents

Publication Publication Date Title
US10944575B2 (en) Implicitly certified digital signatures
CN101931536B (en) Method for encrypting and authenticating efficient data without authentication center
EP2533457B1 (en) Secure implicit certificate chaining
US8661240B2 (en) Joint encryption of data
CN107679847B (en) Mobile transaction privacy protection method based on near field communication bidirectional identity authentication
CN103155481A (en) Authenticated encryption for digital signatures with message recovery
CN104901935A (en) Bilateral authentication and data interaction security protection method based on CPK (Combined Public Key Cryptosystem)
CN107483191A (en) A kind of SM2 algorithm secret keys segmentation signature system and method
US9544144B2 (en) Data encryption
CN103905388A (en) Authentication method, authentication device, smart card, and server
CN113162773A (en) Heterogeneous blind signcryption method capable of proving safety
CN101931535A (en) Method for adaptively performing data encryption and authentication without authentication center
CN102291396B (en) Anonymous authentication algorithm for remote authentication between credible platforms
CN1905447B (en) Authentication encryption method and E-mail system
US20150006900A1 (en) Signature protocol
CN110324357A (en) Data transmission method for uplink and device, data receiver method and device
CN115001658A (en) Credible subway identity authentication and access control method under unstable network environment
CN114650173A (en) Encryption communication method and system
CN110572257B (en) Identity-based data source identification method and system
JP2009111594A (en) Authentication system using short sequence
CN111091362A (en) Mobile transaction privacy protection method based on near field communication bidirectional identity authentication
Ki et al. Privacy-enhanced deniable authentication e-mail service
Garrett et al. Blinded Diffie-Hellman: Preventing Eavesdroppers from Tracking Payments
Yi et al. Security of Park-Lim key agreement schemes for VSAT satellite communications
CN117176329A (en) Session key generation method and device, processor and electronic equipment

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20120530

Termination date: 20140831

EXPY Termination of patent right or utility model